Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/GkDAU-lk0KLo4y1FBc9ZUC5uJ6Q.roa
File:                     GkDAU-lk0KLo4y1FBc9ZUC5uJ6Q.roa (raw, json)
Hash identifier:          ZlvR9jexrBRK9YmF8iFIKTe4/Gjaatn5g/mXG3SApWs=
Subject key identifier:   1A:40:C0:53:E9:64:D0:A2:E8:E3:2D:45:05:CF:59:50:2E:6E:27:A4
Certificate issuer:       /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial:       01856D418943FA25CD3CEF20599466DBD709
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/GkDAU-lk0KLo4y1FBc9ZUC5uJ6Q.roa
Signing time:             Sun 01 Jan 2023 12:14:49 +0000
ROA not before:           Sun 01 Jan 2023 12:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36692
IP address blocks:        185.60.84.0/23 maxlen: 24
                          185.60.86.0/24 maxlen: 24
                          185.60.87.0/24 maxlen: 24
                          146.112.60.0/24 maxlen: 24
                          146.112.10.0/24 maxlen: 24
                          146.112.41.0/24 maxlen: 24
                          146.112.170.0/24 maxlen: 24
                          146.112.174.0/24 maxlen: 24
                          146.112.187.0/24 maxlen: 24
                          146.112.131.0/24 maxlen: 24
                          146.112.132.0/24 maxlen: 24
                          146.112.128.0/24 maxlen: 24
                          146.112.129.0/24 maxlen: 24
                          146.112.130.0/24 maxlen: 24
                          146.112.133.0/24 maxlen: 24
                          146.112.134.0/24 maxlen: 24
                          146.112.135.0/24 maxlen: 24
                          146.112.136.0/24 maxlen: 24
                          146.112.137.0/24 maxlen: 24
                          146.112.138.0/24 maxlen: 24
                          146.112.139.0/24 maxlen: 24
                          155.190.192.0/24 maxlen: 24
                          155.190.193.0/24 maxlen: 24
                          155.190.194.0/24 maxlen: 24
                          155.190.195.0/24 maxlen: 24
                          155.190.196.0/24 maxlen: 24
                          155.190.197.0/24 maxlen: 24
                          155.190.201.0/24 maxlen: 24
                          155.190.202.0/24 maxlen: 24
                          155.190.203.0/24 maxlen: 24
                          155.190.232.0/24 maxlen: 24
                          155.190.238.0/24 maxlen: 24
                          155.190.28.0/24 maxlen: 24
                          155.190.29.0/24 maxlen: 24
                          155.190.38.0/24 maxlen: 24
                          155.190.32.0/24 maxlen: 24
                          155.190.33.0/24 maxlen: 24
                          155.190.34.0/24 maxlen: 24
                          155.190.35.0/24 maxlen: 24
                          155.190.36.0/24 maxlen: 24
                          155.190.37.0/24 maxlen: 24
                          155.190.39.0/24 maxlen: 24
                          155.190.40.0/24 maxlen: 24
                          155.190.41.0/24 maxlen: 24
                          155.190.42.0/24 maxlen: 24
                          155.190.43.0/24 maxlen: 24
                          155.190.44.0/24 maxlen: 24
                          155.190.45.0/24 maxlen: 24
                          155.190.46.0/24 maxlen: 24
                          155.190.47.0/24 maxlen: 24
                          155.190.48.0/24 maxlen: 24
                          155.190.49.0/24 maxlen: 24
                          155.190.50.0/24 maxlen: 24
                          155.190.51.0/24 maxlen: 24
                          155.190.53.0/24 maxlen: 24
                          155.190.54.0/24 maxlen: 24
                          155.190.55.0/24 maxlen: 24
                          155.190.57.0/24 maxlen: 24
                          155.190.58.0/24 maxlen: 24
                          155.190.0.0/24 maxlen: 24
                          155.190.4.0/24 maxlen: 24
                          155.190.3.0/24 maxlen: 24
                          155.190.1.0/24 maxlen: 24
                          155.190.2.0/24 maxlen: 24
                          155.190.8.0/24 maxlen: 24
                          155.190.9.0/24 maxlen: 24
                          155.190.15.0/24 maxlen: 24
                          155.190.17.0/24 maxlen: 24
                          155.190.18.0/24 maxlen: 24
                          155.190.19.0/24 maxlen: 24
                          155.190.20.0/24 maxlen: 24
                          155.190.21.0/24 maxlen: 24
                          155.190.22.0/24 maxlen: 24
                          2a04:e4c0:25::/48 maxlen: 48
                          2a04:e4c0:14::/48 maxlen: 48
                          2a04:e4c0:22::/48 maxlen: 48
                          2a04:e4c0:11::/48 maxlen: 48
                          2a04:e4c0:47::/48 maxlen: 48
                          2a04:e4c0:55::/48 maxlen: 48
                          2a04:e4c0:30::/48 maxlen: 48
                          2a04:e4c0:44::/48 maxlen: 48
                          2a04:e4c7:fffd::/48 maxlen: 48
                          2a04:e4c0:52::/48 maxlen: 48
                          2a04:e4c4:3::/48 maxlen: 48
                          2a04:e4c0:63::/48 maxlen: 48
                          2a04:e4c0:41::/48 maxlen: 48
                          2a04:e4c0:60::/48 maxlen: 48
                          2a04:e4c0:13::/48 maxlen: 48
                          2a04:e4c0:16::/48 maxlen: 48
                          2a04:e4c7:ffff::/48 maxlen: 48
                          2a04:e4c0:10::/48 maxlen: 48
                          2a04:e4c0:49::/48 maxlen: 48
                          2a04:e4c0:24::/48 maxlen: 48
                          2a04:e4c0:43::/48 maxlen: 48
                          2a04:e4c0:46::/48 maxlen: 48
                          2a04:e4c0:21::/48 maxlen: 48
                          2a04:e4c0:40::/48 maxlen: 48
                          2a04:e4c7:fffe::/48 maxlen: 48
                          2a04:e4c4:1::/48 maxlen: 48
                          2a04:e4c0:54::/48 maxlen: 48
                          2a04:e4c0:62::/48 maxlen: 48
                          2a04:e4c0:18::/48 maxlen: 48
                          2a04:e4c4:4::/48 maxlen: 48
                          2a04:e4c0:51::/48 maxlen: 48
                          2a04:e4c0:15::/48 maxlen: 48
                          2a04:e4c0:12::/48 maxlen: 48
                          2a04:e4c0:48::/48 maxlen: 48
                          2a04:e4c0:23::/48 maxlen: 48
                          2a04:e4c0:45::/48 maxlen: 48
                          2a04:e4c0:20::/48 maxlen: 48
                          2a04:e4c0:59::/48 maxlen: 48
                          2a04:e4c0:42::/48 maxlen: 48
                          2a04:e4c0:53::/48 maxlen: 48
                          2a04:e4c0:56::/48 maxlen: 48
                          2a04:e4c0:31::/48 maxlen: 48
                          2a04:e4c4:2::/48 maxlen: 48
                          2a04:e4c0:61::/48 maxlen: 48
                          2a04:e4c0:17::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 14:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:89:43:fa:25:cd:3c:ef:20:59:94:66:db:d7:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
        Validity
            Not Before: Jan  1 12:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a40c053e964d0a2e8e32d4505cf59502e6e27a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5f:99:d6:5f:09:f3:eb:31:a2:04:03:41:0a:
                    dc:a8:d3:11:18:dd:50:93:52:7d:98:8f:c3:6b:81:
                    94:02:8c:39:9a:d8:c9:71:b5:4e:d9:21:33:4f:7e:
                    b3:3c:22:1d:64:3c:d6:fa:31:d0:20:12:31:70:1c:
                    22:c9:24:8c:c7:af:8d:7a:a3:01:37:ea:b9:2f:d1:
                    a8:7a:c1:b8:42:01:42:04:21:ee:db:0a:75:7e:fa:
                    d9:af:5b:13:f2:1e:62:a0:2e:0e:c5:2a:c8:f0:2f:
                    c4:c9:6c:be:82:23:13:75:0c:be:50:95:99:a1:ee:
                    53:c2:1b:b0:8f:3b:29:34:62:40:09:e0:70:e1:52:
                    fd:fd:f9:e4:93:b5:9b:85:4c:77:ca:09:04:d9:9d:
                    1b:31:ec:d3:f7:13:2b:32:de:63:b4:18:9c:46:20:
                    10:52:f3:bb:b8:43:94:cb:70:db:eb:5c:70:9f:da:
                    af:8a:e1:d6:e4:b7:0b:b0:68:85:d9:ea:24:18:61:
                    28:a6:ed:62:80:9c:7a:a1:cd:ad:f2:09:b9:c2:4d:
                    3f:5a:a7:40:c1:7a:0f:19:20:1c:31:6e:3a:47:bb:
                    6c:b1:41:99:fb:96:19:67:ad:8c:e5:b1:13:c6:a0:
                    25:21:73:9d:7e:92:f0:ce:87:58:b0:b0:f4:47:52:
                    a7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:40:C0:53:E9:64:D0:A2:E8:E3:2D:45:05:CF:59:50:2E:6E:27:A4
            X509v3 Authority Key Identifier:
                keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/GkDAU-lk0KLo4y1FBc9ZUC5uJ6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.112.10.0/24
                  146.112.41.0/24
                  146.112.60.0/24
                  146.112.128.0-146.112.139.255
                  146.112.170.0/24
                  146.112.174.0/24
                  146.112.187.0/24
                  155.190.0.0-155.190.4.255
                  155.190.8.0/23
                  155.190.15.0/24
                  155.190.17.0-155.190.22.255
                  155.190.28.0/23
                  155.190.32.0-155.190.51.255
                  155.190.53.0-155.190.55.255
                  155.190.57.0-155.190.58.255
                  155.190.192.0-155.190.197.255
                  155.190.201.0-155.190.203.255
                  155.190.232.0/24
                  155.190.238.0/24
                  185.60.84.0/22
                IPv6:
                  2a04:e4c0:10::-2a04:e4c0:18:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:20::-2a04:e4c0:25:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:30::/47
                  2a04:e4c0:40::-2a04:e4c0:49:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:51::-2a04:e4c0:56:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:59::/48
                  2a04:e4c0:60::/46
                  2a04:e4c4:1::-2a04:e4c4:4:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c7:fffd::-2a04:e4c7:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         61:f3:7c:0d:0b:db:e7:7d:0f:d7:bf:f0:ce:61:ab:55:4c:0e:
         59:8f:c3:48:29:7f:b5:a4:a3:a9:dc:d0:e8:8e:d6:00:f6:9d:
         c8:25:3e:0b:94:44:ca:4e:25:9c:66:bb:43:51:f4:4f:40:67:
         75:23:a2:c2:64:9b:7c:ee:ec:e6:30:64:d4:28:74:d1:89:75:
         8d:b8:55:5b:08:f4:23:3a:19:b7:f4:fc:a3:f6:43:fa:a9:1e:
         48:d2:43:96:26:44:7d:5a:20:32:8a:87:02:cc:8f:4a:1e:09:
         50:38:8d:5a:dc:53:1f:37:da:78:99:02:3c:68:6c:b9:8a:3d:
         2a:ed:1f:f7:0b:03:09:39:02:88:64:03:fb:5a:99:51:48:b7:
         07:fc:a3:87:e9:7d:a3:ae:2f:21:bb:75:ba:21:1b:12:ff:a8:
         95:9a:c1:a7:73:7c:02:dd:17:1e:25:40:5d:37:44:d4:5e:7d:
         d9:32:6b:11:21:04:fb:33:b1:9a:46:64:72:8a:57:44:0f:1f:
         58:11:c5:2b:16:db:eb:71:dc:44:fe:05:9f:10:ea:41:e4:4d:
         ba:81:4d:7e:90:93:6f:34:22:6f:30:48:ac:e5:62:a6:4b:33:
         04:8a:63:1e:9d:d0:9f:ae:9e:39:d9:3b:09:0c:49:84:22:71:
         22:a4:b7:d9
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAYVtQYlD+iXNPO8gWZRm29cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjMwMTAxMTIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQwYzA1M2U5NjRkMGEyZThlMzJkNDUwNWNmNTk1MDJlNmUyN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1+Z1l8J8+sxogQDQQrcqNMRGN1Q
k1J9mI/Da4GUAow5mtjJcbVO2SEzT36zPCIdZDzW+jHQIBIxcBwiySSMx6+NeqMB
N+q5L9GoesG4QgFCBCHu2wp1fvrZr1sT8h5ioC4OxSrI8C/EyWy+giMTdQy+UJWZ
oe5TwhuwjzspNGJACeBw4VL9/fnkk7WbhUx3ygkE2Z0bMezT9xMrMt5jtBicRiAQ
UvO7uEOUy3Db61xwn9qviuHW5LcLsGiF2eokGGEopu1igJx6oc2t8gm5wk0/WqdA
wXoPGSAcMW46R7tssUGZ+5YZZ62M5bETxqAlIXOdfpLwzodYsLD0R1KnsQIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFBpAwFPpZNCi6OMtRQXPWVAubiekMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvR2tEQVUtbGswS0xvNHkxRkJjOVpVQzV1SjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCBvgQCAAEwgbcD
BACScAoDBACScCkDBACScDwwDAMEB5JwgAMEApJwiAMEAJJwqgMEAJJwrgMEAJJw
uzALAwMBm74DBACbvgQDBAGbvggDBACbvg8wDAMEAJu+EQMEAJu+FgMEAZu+HDAM
AwQFm74gAwQCm74wMAwDBACbvjUDBAObvjAwDAMEAJu+OQMEAJu+OjAMAwQGm77A
AwQBm77EMAwDBACbvskDBAKbvsgDBACbvugDBACbvu4DBAK5PFQwgZgEAgACMIGR
MBIDBwQqBOTAABADBwAqBOTAABgwEgMHBSoE5MAAIAMHASoE5MAAJAMHASoE5MAA
MDASAwcGKgTkwABAAwcBKgTkwABIMBIDBwAqBOTAAFEDBwAqBOTAAFYDBwAqBOTA
AFkDBwIqBOTAAGAwEgMHACoE5MQAAQMHACoE5MQABDAQAwcAKgTkx//9AwUDKgTk
wDANBgkqhkiG9w0BAQsFAAOCAQEAYfN8DQvb530P17/wzmGrVUwOWY/DSCl/taSj
qdzQ6I7WAPadyCU+C5REyk4lnGa7Q1H0T0BndSOiwmSbfO7s5jBk1Ch00Yl1jbhV
Wwj0IzoZt/T8o/ZD+qkeSNJDliZEfVogMoqHAsyPSh4JUDiNWtxTHzfaeJkCPGhs
uYo9Ku0f9wsDCTkCiGQD+1qZUUi3B/yjh+l9o64vIbt1uiEbEv+olZrBp3N8At0X
HiVAXTdE1F592TJrESEE+zOxmkZkcopXRA8fWBHFKxbb63HcRP4FnxDqQeRNuoFN
fpCTbzQibzBIrOVipkszBIpjHp3Qn66eOdk7CQxJhCJxIqS32Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:55 2024 by rpki-client on console-ams.rpki-client.org